A Trojan is a type of malicious program that is disguised as legitimate software. These programs can provide unauthorized access to the user's computer. The name comes from the ancient Greek story, and a Trojan works in a similar way: it hides inside something that looks harmless, just as the wooden horse was disguised in order to invade Troy.
There are two components of a Trojan
Overt component: The overt component can be seen by the user and acts as a distractor. It comes in games, freeware and other distractor software.
Covert component: The covert component cannot be seen; it is hidden. It is usually used by the hacker or pen tester to gain access to the victim's computer through backdoors, rootkits, keyloggers or spyware.
Different types of Trojans
Virtual Network Computing Trojan (VNC)
HTTP (web based)
IRC
Command Shell
Destruction
Documents
Botnet
Proxy
Remote Access Trojan (RAT)
Email
FTP
GUI
Spam
Defacement
Mobile
Different Infection Techniques
Instant Messaging
IRC
Physically installing on the computer
Browser (through scripts such as JavaScript running in the browser)
Fake programs
Attachments (through email)
Freeware
Games
Detecting the Trojan
Monitor the common ports used by Trojans (Ports)
Check whether each running process is legitimate (Running Processes)
Scan the registry (Registry)
Monitor authorized or unauthorized drivers (Drivers)
Scan the different services that are running (Services)
Startup
Files/Folder
Network Activity
Use different scanners to detect viruses (Scanners)
Counter Measures
Since viruses can be transferred through email attachments, block certain email attachments (Blocking Email Attachments)
Blocking certain instant messaging (Shutdown Instant Messaging)
Security Technical Implementation Guide (STIG)
Monitor traffic
Hardening system
Restricting some of the ports and authorizing others (Blocking Ports)
Patch management
Monitoring the system by hashing files, or at the network level with tools such as an intrusion detection system (Monitor Integrity)
Trusted sources (Installing software through trusted sources)